Mozilla Foundation Security Advisory 2006-66

RSA Signature Forgery (variant)

Announced

November 7, 2006

Reporter

Ulrich Kuehn

Impact

Critical

Products

Firefox, SeaMonkey, Thunderbird

Fixed in

Firefox 1.5.0.8

SeaMonkey 1.0.6

Thunderbird 1.5.0.8

Description

MFSA 2006-60 reported that RSA digital signatures with a low exponent
(typically 3) could be forged. This flaw was corrected in the
Mozilla Network Security Services (NSS) library version 3.11.3 used
by Firefox 2.0 and current development versions of Mozilla clients.

Ulrich Kuehn reported that Firefox 1.5.0.7, which incorporated
NSS version 3.10.2, was incompletely patched and remained vulnerable
to a variant of this attack.